package com.cari.oa.tag;

import java.util.Set;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.tagext.BodyTagSupport;
import javax.servlet.jsp.tagext.Tag;

import com.cari.oa.controller.LoginController;
import com.cari.oa.util.StrUtils;

/**
 * 权限校验标签的实现类
 * @author yexuhui
 * 2012-3-27 下午4:31:42
 */
public class PrivilegeCheckerTag extends BodyTagSupport {

	private String actionUrl;
	private static final long serialVersionUID = 1304097290143096953L;

	@SuppressWarnings("unchecked")
	@Override
	public int doStartTag() throws JspException {
		if(StrUtils.isEmpty(actionUrl)) throw new JspException("actionUrl不能为空");
		if(!actionUrl.startsWith("/")) actionUrl = "/" + actionUrl;
		if(actionUrl.indexOf("?") != -1) actionUrl = actionUrl.substring(0, actionUrl.indexOf("?"));
		actionUrl = actionUrl.toLowerCase();
		
		HttpSession session = ((HttpServletRequest)pageContext.getRequest()).getSession();
		Set<String> actionUrlSet = (Set<String>) session.getAttribute(LoginController.ACTION_URL_SET_ATTR);
		if(actionUrlSet.contains(actionUrl)) return Tag.EVAL_BODY_INCLUDE;
		else return Tag.SKIP_BODY;
	}

	public void setActionUrl(String actionUrl) {
		this.actionUrl = actionUrl;
	}
}
